12 matches found
Cross-site Scripting
form-to-database is vulnerable to Cross-Site Scripting. The vulnerability is due to improper handling of form values, where non-string inputs were not sanitized or safely normalized, and attackers can exploit this by injecting malicious JavaScript that executes when the data is rendered...
EUVD-2025-29543
Malicious code in bioql PyPI...
CVE-2025-10316
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
TYPO3 "Form to Database" extension susceptible to Cross-site Scripting
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
GHSA-54PG-2X9H-CMX8 TYPO3 "Form to Database" extension susceptible to Cross-site Scripting
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the formtodatabase exten. An attacker can execute arbitrary scripts in the context of the user's browser by injecting malicious input. Details Cross-site scripting or XSS is a code vulnerability that occurs...
CVE-2025-10316
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
CVE-2025-10316
CVE-2025-10316 affects the TYPO3 extension Form to Database (form_to_database). The issue is Cross-Site Scripting due to insufficient handling of form values, allowing injection of malicious scripts when data is rendered. Affected versions are: before 2.2.5; 3.0.0–3.2.1; 4.0.0–4.2.2; 5.0.0–5.0.1....
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
CVE-2025-10316 Cross-Site Scripting in extension "Form to Database" (form_to_database)
The extension "Form to Database" is susceptible to Cross-Site Scripting. This issue affects the following versions: before 2.2.5, from 3.0.0 before 3.2.2, from 4.0.0 before 4.2.3, from 5.0.0 before 5.0.2...
PT-2025-37914
Name of the Vulnerable Software and Affected Versions: Form to Database versions prior to 2.2.5 Form to Database versions 3.0.0 through 3.2.2 Form to Database versions 4.0.0 through 4.2.3 Form to Database versions 5.0.0 through 5.0.2 Description: The extension "Form to Database" is susceptible to...
TYPO3 Form to Database 安全漏洞
TYPO3 Form to Database is an open source database extension for TYPO3. A security vulnerability exists in TYPO3 Form to Database, which is vulnerable to cross-site scripting attacks. The following versions are affected: versions prior to 2.2.5, versions 3.0.0 through 3.2.2, versions 4.0.0 through...